Notices by Wolf480pl (wolf480pl@mstdn.io)

@tk @piggo
if your electric kettle converts electricity to heat without doing any computation with it, it's doing something wrong

@piggo @tk oooh does the display show megahashes per second?

@snow @lanodan although I guess that still wouldn't be enough to make a decision, since if the LPE is in handling of process names, that would be recheable from within a container...

@snow @lanodan yeah, it should've been communicated better.

Something like "I may've found an LPE in atop" would've been more appropriate I think.

@lanodan @snow
The patch mentions double free, IIRC those can let you overwrite a function pointer if the circumstances are right... idk if they were in this case.

I guess the question is, how often do people find this kind of bugs in popular commandline tools?
Cause if it's not often, then I think the warning was justified, even though it could've been communicated better.

@snow umm... sounds like a vuln tho?

Like, if it tries to connect to some port automatically, without you even knowing

and that's an unprivileged port, so any process on the system could listen on that port

and it has a memory corruption when the server on that port returns invalid data?

Sounds like a potential LPE to me.

@lanodan I mean it'd still work on the other DEs but only with the most basic features

@lanodan idk, I think wayland-protocols is better than the alternative of gtk only working on GNOME and Qt only working on KDE.

@lanodan
wayland-protocols is a good example, although not exactly a reusable component...

Also, kubernetes and a lot of the CNCF stuff comes to my mind

@lanodan
re support - that's why it's ideal when all projects using the reusable component co-maintain it

@lanodan
For example: if I make a pull request that says "hey, this library does $X which makes sense in your project but doesn't make sense in mine, so I let's make this behaviour configurable like this"

Do the maintainers approach it constructively, and work with you to find a solution that works for both/all projects using that library?

Or do they just reject the PR because "this is incompatible with $project's human interface guidelines" ?

@lanodan
(meant to reply earlier but forgot)

Maybe the software, as in a snapshot of source code, can't be absolutely unopinionated. But it's a spectrum.

And you can look at the process of developing that software and see in which direction decisions are made.

1/

@icedquinn @Suiseiseki @divVerent @a1ba
So I can't even blame this on Unicode Consortium's scope creep ;_;

@icedquinn @Suiseiseki @divVerent @a1ba ok but like

Did Unicode contain surrogates and modifier codepoints at the time when UTF-16 was designed?

Just realized it's impossible to use UCS-2 (UTF-16) for passing arguments to unix programs, because arguments are nul-terminated, and in UCS-2, almost every other byte is zero...

@nadia as a non-native speaker I think you used them correctly.

Something can't be "in a disk" or "in /dev/sda". It has to be "on a disk". Unless it's "in RAM".
It can be "in tmpfs" but not "in ext4" - that'd be "on ext4".

@lanodan no no

You said if ffmpeg didn't exist, you'd have to fork an existing video player, which is horrible.

This implies by omission that gstreamer is not your 2nd choice after ffmpeg :P

@lanodan which brings me to my next point:

It's not enough to have reusabke components. GNOME has reusable components (eg. gtk) but a lot of them have GNOME policy embedded in them - they will only do what GNOME needs them to do, and of you want to do things differently, tough luck, go write your own GUI toolkit.

We need unopinionated reusable components.

@lanodan I like how you assumed using gstreamer is worse than forking a video player

@lanodan can't say that about browsers, can we?